9 files changed, 108 insertions, 120 deletions

diff --git a/Makefile b/Makefile
index 3d42d8f..9f9b25e 100644
--- a/Makefile
+++ b/Makefile
@@ -41,10 +41,10 @@ LIB		= libhal.a
 
 USAGE := "usage: ${MAKE} [IO_BUS=eim|i2c|fmc] [RPC_MODE=none|server|client-simple|client-mixed] [KS=volatile|mmap|flash] [RPC_TRANSPORT=none|loopback|serial|daemon] [MODEXP_CORE=no|yes]"
 
-IO_BUS		?= eim
+IO_BUS		?= none
 KS		?= volatile
 RPC_MODE	?= none
-RPC_TRANSPORT	?= serial
+RPC_TRANSPORT	?= none
 MODEXP_CORE	?= no
 
 ifeq (,$(and \
@@ -72,7 +72,8 @@ endif
 # makefile, so the working definition of "always want" is sometimes
 # just "building this is harmless even if we don't use it."
 
-OBJ = errorstrings.o hash.o asn1.o ecdsa.o rsa.o ${KS_OBJ}
+OBJ += errorstrings.o hash.o asn1.o ecdsa.o rsa.o ${KS_OBJ} xdr.o slip.o
+OBJ += rpc_api.o rpc_hash.o rpc_misc.o rpc_pkey.o rpc_client.o rpc_server.o
 
 # Object files to build when we're on a platform with direct access
 # to our hardware (Verilog) cores.
@@ -128,7 +129,7 @@ endif
 #   client-mixed:	Like client-simple but do hashing locally in software and
 #			support a local keystore (for PKCS #11 public keys, etc)
 #
-# RPC_TRANSPORT = loopback | serial | daemon
+# RPC_TRANSPORT = none | loopback | serial | daemon
 #   loopback:		Communicate over loopback socket on Novena
 #   serial:		Communicate over USB in serial pass-through mode
 #   daemon:		Communicate over USB via a daemon, to arbitrate multiple clients
@@ -138,45 +139,35 @@ endif
 # the C preprocessor: we can use symbolic names so long as they're defined as macros
 # in the C code, but we can't use things like C enum symbols.
 
-ifneq "${RPC_MODE}" "none"
-  OBJ += rpc_api.o xdr.o
+ifneq "${RPC_MODE}" "server"
+  OBJ += rpc_serial.o
 endif
 
-ifeq "${RPC_MODE}" "server"
-  OBJ += slip.o
-else ifeq "${RPC_TRANSPORT}" "serial"
-  OBJ += slip.o rpc_serial.o
-endif
-
-RPC_CLIENT_OBJ = rpc_client.o
 ifeq "${RPC_TRANSPORT}" "loopback"
-  RPC_CLIENT_OBJ += rpc_client_loopback.o
+  RPC_CLIENT_OBJ = rpc_client_loopback.o
 else ifeq "${RPC_TRANSPORT}" "serial"
-  RPC_CLIENT_OBJ += rpc_client_serial.o
+  RPC_CLIENT_OBJ = rpc_client_serial.o
 else ifeq "${RPC_TRANSPORT}" "daemon"
-  RPC_CLIENT_OBJ += rpc_client_daemon.o
+  RPC_CLIENT_OBJ = rpc_client_daemon.o
 endif
 
-RPC_DISPATCH_OBJ = rpc_hash.o rpc_misc.o rpc_pkey.o
-
-RPC_SERVER_OBJ = rpc_server.o
 ifeq "${RPC_TRANSPORT}" "loopback"
-  RPC_SERVER_OBJ += rpc_server_loopback.o
+  RPC_SERVER_OBJ = rpc_server_loopback.o
 else ifeq "${RPC_TRANSPORT}" "serial"
-  RPC_SERVER_OBJ += rpc_server_serial.o
+  RPC_SERVER_OBJ = rpc_server_serial.o
 endif
 
 ifeq "${RPC_MODE}" "none"
   OBJ += ${CORE_OBJ}
   CFLAGS += -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE}
 else ifeq "${RPC_MODE}" "server"
-  OBJ += ${CORE_OBJ} ${RPC_SERVER_OBJ} ${RPC_DISPATCH_OBJ}
+  OBJ += ${CORE_OBJ} ${RPC_SERVER_OBJ}
   CFLAGS += -DRPC_CLIENT=RPC_CLIENT_LOCAL -DHAL_RSA_USE_MODEXP=${RSA_USE_MODEXP_CORE}
 else ifeq "${RPC_MODE}" "client-simple"
   OBJ += ${RPC_CLIENT_OBJ}
   CFLAGS += -DRPC_CLIENT=RPC_CLIENT_REMOTE -DHAL_RSA_USE_MODEXP=0
 else ifeq "${RPC_MODE}" "client-mixed"
-  OBJ += ${RPC_CLIENT_OBJ} ${RPC_DISPATCH_OBJ}
+  OBJ += ${RPC_CLIENT_OBJ}
   CFLAGS += -DRPC_CLIENT=RPC_CLIENT_MIXED -DHAL_RSA_USE_MODEXP=0
   KS = volatile
 endif
@@ -207,18 +198,21 @@ all: ${LIB}
 	cd utils; ${MAKE} $@
 
 client:
-	${MAKE} RPC_MODE=client-simple
+	${MAKE} RPC_MODE=client-simple RPC_TRANSPORT=daemon
 
 mixed:
-	${MAKE} RPC_MODE=client-mixed
+	${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon
 
 server:
-	${MAKE} RPC_MODE=server
+	${MAKE} RPC_MODE=server RPC_TRANSPORT=serial IO_BUS=fmc
 
-daemon: cryptech_rpcd
-	${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon
+serial:
+	${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=serial
+
+daemon:
+	${MAKE} RPC_MODE=client-mixed RPC_TRANSPORT=daemon ${LIB} cryptech_rpcd
 
-cryptech_rpcd: daemon.o slip.o rpc_serial.o xdr.o
+cryptech_rpcd: daemon.o ${LIB}
 	${CC} ${CFLAGS} -o $@ $^ ${LDFLAGS}
 
 ${OBJ}: ${INC}
diff --git a/daemon.c b/daemon.c
index 7991710..81851ed 100644
--- a/daemon.c
+++ b/daemon.c
@@ -42,6 +42,7 @@
 #include <getopt.h>             /* required with -std=c99 */
 #include <termios.h>            /* for default speed */
 
+#include "hal_internal.h"
 #include "slip_internal.h"
 #include "xdr_internal.h"
 
@@ -99,32 +100,13 @@ static void poll_remove(int fd)
     /* if it's not found, return without an error */
 }
 
-#ifndef MAX_PKT_SIZE    /* move this to hal_internal.h */
-#define MAX_PKT_SIZE 4096
-#endif
-
 typedef struct {
     size_t len;
-    uint8_t buf[MAX_PKT_SIZE];
+    uint8_t buf[HAL_RPC_MAX_PKT_SIZE];
 } rpc_buffer_t;
 static rpc_buffer_t ibuf, obuf;
 
-#ifndef DEVICE
-#define DEVICE "/dev/ttyUSB0"
-#endif
-
-#ifndef SPEED
-#define SPEED B921600
-#endif
-
-#ifndef B921600
-#define B921600 921600
-#endif
-
-#ifndef SOCKET_NAME
-#define SOCKET_NAME "/tmp/cryptechd.socket"
-#endif
-char *socket_name = SOCKET_NAME;
+const char *socket_name = HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME;
 
 /* Set up an atexit handler to remove the filesystem entry for the unix domain
  * socket. This will trigger on error exits, but not on the "normal" SIGKILL.
@@ -151,8 +133,8 @@ int main(int argc, char *argv[])
     int lsock;
     int dsock;
     int opt;
-    char *device = DEVICE;
-    speed_t speed = SPEED;
+    const char *device = HAL_CLIENT_SERIAL_DEFAULT_DEVICE;
+    uint32_t speed     = HAL_CLIENT_SERIAL_DEFAULT_SPEED;
 
     while ((opt = getopt(argc, argv, "hn:d:s:")) != -1) {
         switch (opt) {
@@ -168,10 +150,7 @@ int main(int argc, char *argv[])
         case 's':
             switch (atoi(optarg)) {
             case 115200:
-                speed = B115200;
-                break;
             case 921600:
-                speed = B921600;
                 break;
             default:
                 printf("invalid speed value %s\n", optarg);
@@ -218,11 +197,13 @@ int main(int argc, char *argv[])
      */
     memset(&name, 0, sizeof(struct sockaddr_un));
 
-    /* Bind the listening socket.
+    /* Bind the listening socket.  On some platforms, we have to pass the "real"
+     * (number of bytes in use) length of the sockaddr_un to get the name bound
+     * correctly, so use the SUN_LEN() macro to calculate that.
      */
     name.sun_family = AF_UNIX;
     strncpy(name.sun_path, socket_name, sizeof(name.sun_path) - 1);
-    ret = bind(lsock, (const struct sockaddr *) &name, sizeof(struct sockaddr_un));
+    ret = bind(lsock, (const struct sockaddr *) &name, SUN_LEN(&name));
     if (ret == -1) {
         perror("bind");
         exit(EXIT_FAILURE);
@@ -290,9 +271,9 @@ int main(int argc, char *argv[])
 
                 /* client data socket */
                 else {
-                    const uint8_t * const limit = obuf.buf + MAX_PKT_SIZE;
+                    const uint8_t * const limit = obuf.buf + HAL_RPC_MAX_PKT_SIZE;
                     /* Get the client's rpc request packet. */
-                    obuf.len = recv(pollfds[i].fd, obuf.buf, MAX_PKT_SIZE, 0);
+                    obuf.len = recv(pollfds[i].fd, obuf.buf, HAL_RPC_MAX_PKT_SIZE, 0);
 #ifdef DEBUG
                     printf("data socket %d received request:\n", pollfds[i].fd);
                     hexdump(obuf.buf, obuf.len);
diff --git a/hal_internal.h b/hal_internal.h
index e238bcf..7a97a87 100644
--- a/hal_internal.h
+++ b/hal_internal.h
@@ -450,6 +450,34 @@ typedef enum {
 #define RPC_CLIENT_MIXED        2
 #define RPC_CLIENT_NONE         3
 
+/*
+ * Maximum size of a HAL RPC packet.
+ */
+
+#ifndef HAL_RPC_MAX_PKT_SIZE
+#define HAL_RPC_MAX_PKT_SIZE    4096
+#endif
+
+/*
+ * Location of AF_UNIX socket for RPC client mux daemon.
+ */
+
+#ifndef HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME
+#define HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME   "/tmp/cryptech_rpcd.socket"
+#endif
+
+/*
+ * Default device name and line speed for HAL RPC serial connection to HSM.
+ */
+
+#ifndef HAL_CLIENT_SERIAL_DEFAULT_DEVICE
+#define HAL_CLIENT_SERIAL_DEFAULT_DEVICE 	"/dev/ttyUSB0"
+#endif
+
+#ifndef HAL_CLIENT_SERIAL_DEFAULT_SPEED
+#define HAL_CLIENT_SERIAL_DEFAULT_SPEED         921600
+#endif
+
 #endif /* _HAL_INTERNAL_H_ */
 
 /*
diff --git a/rpc_client_daemon.c b/rpc_client_daemon.c
index f328302..dea352f 100644
--- a/rpc_client_daemon.c
+++ b/rpc_client_daemon.c
@@ -41,10 +41,6 @@
 #include "hal.h"
 #include "hal_internal.h"
 
-#ifndef SOCKET_NAME
-#define SOCKET_NAME "/tmp/cryptechd.socket"
-#endif
-
 static int sock = -1;
 
 hal_error_t hal_rpc_client_transport_init(void)
@@ -57,7 +53,7 @@ hal_error_t hal_rpc_client_transport_init(void)
         return perror("socket"), HAL_ERROR_RPC_TRANSPORT;
     memset(&name, 0, sizeof(struct sockaddr_un));
     name.sun_family = AF_UNIX;
-    strncpy(name.sun_path, SOCKET_NAME, sizeof(name.sun_path) - 1);
+    strncpy(name.sun_path, HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME, sizeof(name.sun_path) - 1);
     ret = connect(sock, (const struct sockaddr *) &name, sizeof(struct sockaddr_un));
     if (ret == -1)
         return perror("connect"), HAL_ERROR_RPC_TRANSPORT;
diff --git a/rpc_client_serial.c b/rpc_client_serial.c
index b27c255..149998e 100644
--- a/rpc_client_serial.c
+++ b/rpc_client_serial.c
@@ -33,6 +33,7 @@
  */
 
 #include <stdio.h>
+#include <stdlib.h>
 #include <sys/types.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
@@ -44,15 +45,9 @@
 #include "hal_internal.h"
 #include "slip_internal.h"
 
-/* XXX These REALLY ought to be passed from the client app command line,
- * rather than compiled into the library.
- */
-#define DEVICE "/dev/ttyUSB1"
-#define SPEED B921600
-
 hal_error_t hal_rpc_client_transport_init(void)
 {
-    return hal_serial_init(DEVICE, SPEED);
+    return hal_serial_init(HAL_CLIENT_SERIAL_DEFAULT_DEVICE, HAL_CLIENT_SERIAL_DEFAULT_SPEED);
 }
 
 hal_error_t hal_rpc_client_transport_close(void)
diff --git a/rpc_serial.c b/rpc_serial.c
index dc5821f..98a1d20 100644
--- a/rpc_serial.c
+++ b/rpc_serial.c
@@ -44,12 +44,28 @@
 #include "hal_internal.h"
 #include "slip_internal.h"
 
+/*
+ * Not thrilled about having OS-specific conditionals, but as such things
+ * go, this seems relatively safe: gcc and clang both define it on Mac OS X,
+ * and anything *not* on Mac OS X which defines it is begging for trouble.
+ */
+
+#ifndef HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+#define HAL_RPC_SERIAL_USE_MACOSX_IOCTL	(defined(__ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__))
+#endif
+
+#if HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+#include <IOKit/serial/ioss.h>
+#include <sys/ioctl.h>
+#endif
+
 static int fd = -1;
 
-hal_error_t hal_serial_init(const char * const device, const speed_t speed)
+hal_error_t hal_serial_init(const char * const device, const uint32_t speed)
 {
     struct termios tty;
-    
+    speed_t termios_speed;
+
     fd = open(device, O_RDWR | O_NOCTTY | O_SYNC);
     if (fd == -1) {
         fprintf(stderr, "open %s: ", device);
@@ -59,9 +75,32 @@ hal_error_t hal_serial_init(const char * const device, const speed_t speed)
     if (tcgetattr (fd, &tty) != 0)
 	return perror("tcgetattr"), HAL_ERROR_RPC_TRANSPORT;
 
+#if HAL_RPC_SERIAL_USE_MACOSX_IOCTL
+
+    termios_speed = speed;
+
+    if (ioctl(fd, IOSSIOSPEED, &speed) < 0)
+        return perror("ioctl()"), HAL_ERROR_RPC_TRANSPORT;
+
+#else
+
+    switch (speed) {
+    case 115200:
+        termios_speed = B115200;
+	break;
+    case 921600:
+        termios_speed = B921600;
+	break;
+    default:
+        fprintf(stderr, "invalid line speed %lu\n", (unsigned long) speed);
+	return HAL_ERROR_RPC_TRANSPORT;
+    }
+
     cfsetospeed (&tty, speed);
     cfsetispeed (&tty, speed);
 
+#endif
+
     tty.c_cflag &= ~CSIZE;
     tty.c_cflag |= (CS8 | CLOCAL | CREAD);
 
diff --git a/rpc_server.c b/rpc_server.c
index 9089aea..7b06780 100644
--- a/rpc_server.c
+++ b/rpc_server.c
@@ -755,10 +755,9 @@ void hal_rpc_server_dispatch(const uint8_t * const ibuf, const size_t ilen,
     hal_xdr_encode_int(&optr, olimit, ret);
 }
 
-#define MAX_PKT_SIZE 4096
 #define interrupt 0
 
-static uint8_t inbuf[MAX_PKT_SIZE], outbuf[MAX_PKT_SIZE];
+static uint8_t inbuf[HAL_RPC_MAX_PKT_SIZE], outbuf[HAL_RPC_MAX_PKT_SIZE];
 
 void hal_rpc_server_main(void)
 {
diff --git a/serial_internal.h b/serial_internal.h
deleted file mode 100644
index abf2259..0000000
--- a/serial_internal.h
+++ /dev/null
@@ -1,43 +0,0 @@
-/*
- * serial_internal.c
- * -----------------
- * Low-level serial transport functions.
- *
- * Copyright (c) 2016, NORDUnet A/S All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are
- * met:
- * - Redistributions of source code must retain the above copyright notice,
- *   this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- *   notice, this list of conditions and the following disclaimer in the
- *   documentation and/or other materials provided with the distribution.
- *
- * - Neither the name of the NORDUnet nor the names of its contributors may
- *   be used to endorse or promote products derived from this software
- *   without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
- * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
- * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
- * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
- * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
- * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
- * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
- * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
- * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- */
-
-#ifndef _HAL_SERIAL_INTERNAL_H
-#define _HAL_SERIAL_INTERNAL_H
-
-hal_error_t hal_serial_init(const char * const device, const speed_t speed, int * const fdp);
-hal_error_t hal_serial_close(void);
-int hal_serial_send_char(const uint8_t c);
-int hal_serial_recv_char(uint8_t * const c);
-
-#endif /* _HAL_SERIAL_INTERNAL_H */
diff --git a/slip_internal.h b/slip_internal.h
index e3b7af0..4c36c31 100644
--- a/slip_internal.h
+++ b/slip_internal.h
@@ -50,8 +50,7 @@ extern hal_error_t hal_serial_send_char(const uint8_t c);
 extern hal_error_t hal_serial_recv_char(uint8_t * const c);
 
 #ifndef STM32F4XX
-#include <termios.h>            /* speed_t */
-extern hal_error_t hal_serial_init(const char * const device, const speed_t speed);
+extern hal_error_t hal_serial_init(const char * const device, const uint32_t speed);
 extern hal_error_t hal_serial_close(void);
 extern int hal_serial_get_fd(void);
 #endif